{"id":7057,"date":"2022-10-11T20:41:37","date_gmt":"2022-10-11T20:41:37","guid":{"rendered":"http:\/\/putridparrot.com\/blog\/?p=7057"},"modified":"2022-10-23T14:09:52","modified_gmt":"2022-10-23T14:09:52","slug":"cross-site-access-in-iis","status":"publish","type":"post","link":"https:\/\/putridparrot.com\/blog\/cross-site-access-in-iis\/","title":{"rendered":"Cross site access in IIS"},"content":{"rendered":"<p><em>Note: This post was written a while back but sat in draft. I&#8217;ve published this now, but I&#8217;m not sure it&#8217;s relevant to the latest versions etc. so please bear this in mind.<\/em><\/p>\n<p>How do we handle CORS (cross site) access within IIS, i.e. how to we allow\/enable it? <\/p>\n<p>We simply need to create a web.config file in the root of our web application, here&#8217;s an example<\/p>\n<pre class=\"brush: xml; title: ; notranslate\" title=\"\">\r\n&lt;?xml version=&quot;1.0&quot; encoding=&quot;UTF-8&quot;?&gt;\r\n&lt;configuration&gt;\r\n  &lt;system.webServer&gt;\r\n    &lt;defaultDocument&gt;\r\n      &lt;files&gt;\r\n        &lt;clear \/&gt;\r\n        &lt;add value=&quot;data.json&quot; \/&gt;\r\n      &lt;\/files&gt;\r\n    &lt;\/defaultDocument&gt;\r\n    &lt;staticContent&gt;\r\n      &lt;mimeMap fileExtension=&quot;.json&quot; mimeType=&quot;text\/json&quot; \/&gt;\r\n    &lt;\/staticContent&gt;\r\n    &lt;httpProtocol&gt;\r\n      &lt;customHeaders&gt;\r\n       \t&lt;add name=&quot;Access-Control-Allow-Origin&quot; value=&quot;http:\/\/localhost:3000&quot; \/&gt;\r\n      \t&lt;add name=&quot;Access-Control-Allow-Methods&quot; value=&quot;GET, PUT, POST, DELETE, HEAD, OPTIONS&quot; \/&gt;\r\n      \t&lt;add name=&quot;Access-Control-Allow-Credentials&quot; value=&quot;true&quot;\/&gt;\r\n      \t&lt;add name=&quot;Access-Control-Allow-Headers&quot; value=&quot;X-Requested-With, origin, content-type, accept&quot; \/&gt;\r\n      &lt;\/customHeaders&gt;\r\n    &lt;\/httpProtocol&gt;\r\n  &lt;\/system.webServer&gt;\r\n&lt;\/configuration&gt;\r\n<\/pre>\n<p>Here, within the customHeaders section we explicitly allow origin of localhost (this value could be set to *). <\/p>\n","protected":false},"excerpt":{"rendered":"<p>Note: This post was written a while back but sat in draft. I&#8217;ve published this now, but I&#8217;m not sure it&#8217;s relevant to the latest versions etc. so please bear this in mind. How do we handle CORS (cross site) access within IIS, i.e. how to we allow\/enable it? We simply need to create a [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[182],"tags":[],"class_list":["post-7057","post","type-post","status-publish","format-standard","hentry","category-iis"],"jetpack_sharing_enabled":true,"jetpack_featured_media_url":"","_links":{"self":[{"href":"https:\/\/putridparrot.com\/blog\/wp-json\/wp\/v2\/posts\/7057","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/putridparrot.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/putridparrot.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/putridparrot.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/putridparrot.com\/blog\/wp-json\/wp\/v2\/comments?post=7057"}],"version-history":[{"count":3,"href":"https:\/\/putridparrot.com\/blog\/wp-json\/wp\/v2\/posts\/7057\/revisions"}],"predecessor-version":[{"id":9585,"href":"https:\/\/putridparrot.com\/blog\/wp-json\/wp\/v2\/posts\/7057\/revisions\/9585"}],"wp:attachment":[{"href":"https:\/\/putridparrot.com\/blog\/wp-json\/wp\/v2\/media?parent=7057"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/putridparrot.com\/blog\/wp-json\/wp\/v2\/categories?post=7057"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/putridparrot.com\/blog\/wp-json\/wp\/v2\/tags?post=7057"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}